krb5_prompt prompts[])
{
if (num_prompts == 0) return 0;
+#if HAVE_KRB5_PROMPT_TYPE
+
+ /*
+ * only heimdal has a prompt type and we need to deal with it here to
+ * avoid loops.
+ *
+ * removing the prompter completely is not an option as at least these
+ * versions would crash: heimdal-1.0.2 and heimdal-1.1. Later heimdal
+ * version have looping detection and return with a proper error code.
+ */
if ((num_prompts == 2) &&
(prompts[0].type == KRB5_PROMPT_TYPE_NEW_PASSWORD) &&
*/
return KRB5KDC_ERR_KEY_EXPIRED;
}
-
+#endif /* HAVE_KRB5_PROMPT_TYPE */
memset(prompts[0].reply->data, '\0', prompts[0].reply->length);
if (prompts[0].reply->length > 0) {
if (data) {
conf.define('HAVE_KRB5_PRINCIPAL_SET_TYPE', 1)
conf.define('HAVE_KRB5_PRINCIPAL_GET_TYPE', 1)
conf.define('HAVE_KRB5_WARNX', 1)
+conf.define('HAVE_KRB5_PROMPT_TYPE', 1)
heimdal_includedirs = []
heimdal_libdirs = []
define='HAVE_ADDRTYPE_IN_KRB5_ADDRESS')
conf.CHECK_STRUCTURE_MEMBER('krb5_ap_req', 'ticket', headers='krb5.h',
define='HAVE_TICKET_POINTER_IN_KRB5_AP_REQ')
+conf.CHECK_STRUCTURE_MEMBER('krb5_prompt', 'type', headers='krb5.h',
+ define='HAVE_KRB5_PROMPT_TYPE')
conf.CHECK_TYPE('krb5_encrypt_block', headers='krb5.h')